Lead the implementation of a security initiatives and systems via well-defined plans including procedures, deadlines, and accountability.
Works with the members of the IT team on the architecture of IT applications and infrastructure assuring that security is maximized.
Develop, implement and maintain a Physical Security Program and Cyber Security Policies
Translate Information Security knowledge into actionable plans to protect enterprise assets
Provides the support, administration, and maintenance necessary to ensure effective and efficient information security
Responds to security incidents in a timely manner
Develop, maintain and exercise a security incident response plan
Performs administration of firewalls, intrusion detection and prevention systems, and SIEM solutions such as Splunk or LogRythm.
Develop and educate the IT organization in information security standards and best practices for common web applications and infrastructure.
Manage vulnerability responses by performing analysis, determining enterprise scope, impact and remediation of identified ad hoc vulnerabilities.
Stay up to date with various security vendors to support threat and vulnerability management across web, mobile and other infrastructure systems.
Responsible for developing, managing and periodic reporting of the security metrics to accurately track the current state of defenses, protections and performance
Provide recommendation and implement innovative solutions, modifications and enhancements to security training and awareness programs.
Develops and manages an information security operations center (ISOC), monitoring, assessing and defending the enterprise information systems, including websites, applications, databases, data centers, servers, networks, desktops and other endpoints.
Manages daily technical operations of the information security team.
Designs and oversees the execution of internal security testing methodologies and execution; conducts vulnerability testing and remediation on software, architecture and vendors.
Interact with senior management levels, which involves negotiating or influencing on significant matters
Ensure that effective tools and processes are in place to protect assets from the evolving threat landscape
Work with Infrastructure and Desktop support personnel to configure and deploy tools
Build procedures to administer the tools and monitor outputs
Stay abreast of new threats and continuously evaluate current processes and tool sets
Commit to continuous learning and networking with the larger cyber security community
Design processes and procedures to enable information technology personnel to conform with the compliance framework
Work with leaders outside of IT to design processes and procedures for operational business units’ compliance.
Be accountable for periodic testing and auditing of compliance
NECESSARY QUALIFICATIONS
At least 5 years of demonstrated experience in some of the enterprise security functions such as, Security Compliance framework, Identity & Access Management, Cloud Security, Vulnerability Management, Firewalls, Antivirus, Penetration testing and other related functions
Strong knowledge of information systems security components and best practices including: firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices
Knowledge of industry standard best practices with regards to security
Working knowledge of Microsoft Active Directory, Microsoft Windows Operating Systems and Microsoft Exchange, Microsoft Azure, Office 365